Opera has patched a vulnerability which is has deemed to be ‘highly critical'.
A patch is available for the browser due to a vulnerability which can be exploited in the history search function. The flaw leaves Opera users at risk of attack if they just visit a malware loaded web page.
Aviv Raff, who discovered the flaws, said in a blog: “The problem was that Opera did not sanitise specific parameters correctly, and an arbitrary script could be injected to this page.
“An attacker could then execute a script that will create an iframe which will open the opera:config local resource. And then, it will call a script within the opera:config page, which will change the settings and execute arbitrary code on the user's machine as explained previously.
“While both vulnerabilities in the “History Page” are now fixed, the core problem which makes it possible to execute code from remote, still isn't. There is still no Same Origin Policy restriction between local resources in Opera. It is still possible for a script to access one local resource (e.g. opera:cache) from another (e.g. opera:config).
In my submission to Opera I've asked them to fix this issue as well, and I really hope they will do so before other vulnerabilities will be found in more local resources.”
See original article on SC Magazine UK
Opera patches vulnerabilities
By Staff Writers on Nov 6, 2008 2:22PM